Overview

overview

6

Static

static

b61285177c...8a.exe

windows7-x64

6

b61285177c...8a.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    91s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/12/2022, 02:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b61285177cb0da96b3c7d470a0e0b0ff13cab967be113542f846b493c19a788a.exe

  • Size

    1.3MB

  • MD5

    4e50d96f7cc720ff3b0292a95d1e01dc

  • SHA1

    ba1a0a2dfbaca297a768c62b72c7e2c610fe49e9

  • SHA256

    b61285177cb0da96b3c7d470a0e0b0ff13cab967be113542f846b493c19a788a

  • SHA512

    2b7a5aba1e7b99dd564274627b009e86f9c3eaf5032ee16bdd9cf9cce87a5b21c9793b03f77ed9c9ca96323f4384f7c6512e27300edffc1cc6c24501b05718b2

  • SSDEEP

    24576:cpwRc/yU/NrD+U+ddryl6vWFnePtxwiKGvUIc4PYJWebrU4H1:mwRux/NP+Ufc9nqyiZBV

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b61285177cb0da96b3c7d470a0e0b0ff13cab967be113542f846b493c19a788a.exe
    "C:\Users\Admin\AppData\Local\Temp\b61285177cb0da96b3c7d470a0e0b0ff13cab967be113542f846b493c19a788a.exe"
    1⤵
      PID:2672
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2672 -s 576
        2⤵
        • Program crash
        PID:4000
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2672 -s 576
        2⤵
        • Program crash
        PID:2336
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 188 -p 2672 -ip 2672
      1⤵
        PID:5072
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 2672 -ip 2672
        1⤵
          PID:828

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2672-132-0x0000000000400000-0x0000000000F47000-memory.dmp

          Filesize

          11.3MB

          Download

        • memory/2672-134-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-133-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-135-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-136-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-137-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-138-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-139-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-140-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-141-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2672-142-0x0000000000400000-0x0000000000F47000-memory.dmp

          Filesize

          11.3MB

          Download